Shodan
Vulnerabilities
Vulnerable Software
Opensuse:  Security Vulnerabilities
CVE-2018-10360
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
CVSS Score
6.5
EPSS Score
0.018
Published
2018-06-11
CVE-2018-12085
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-06-09
CVE-2013-3703
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-06-08
CVE-2014-0593
The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-06-08
CVE-2014-0594
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-06-08
CVE-2014-5220
The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-06-08
CVE-2018-7688
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.
CVSS Score
7.1
EPSS Score
0.002
Published
2018-06-07
CVE-2018-7689
Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.
CVSS Score
7.1
EPSS Score
0.002
Published
2018-06-07
CVE-2018-11683
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-06-04
CVE-2018-11684
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-06-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved